Skip to content

Gitea docker container's SSHD fails due to missing MaxStartups and MaxSessions in sshd_config #16044

New issue
New issue
Closed
#16046
Closed
Gitea docker container's SSHD fails due to missing MaxStartups and MaxSessions in sshd_config#16044
#16046
@sutusa

Description

@sutusa
sutusa
opened on Jun 1, 2021
  • Gitea version (or commit ref): 1.15.0+dev-375-g072df3ff8 built with GNU Make 4.3, go1.16.4 : bindata, timetzdata, sqlite, sqlite_unlock_notify
  • Operating system: docker image

Today, I bounced the docker container/image using gitea/gitea:latest in my kubernetes configurations. The container log showed that sshd fails to start due to Missing MaxStartups spec on line 8. I was no longer able to communicate to gitea on ssh as suspected:

$ kubectl get pods
NAME                     READY   STATUS    RESTARTS   AGE
gitea-6b7b9c8f79-4kv6t   1/1     Running   0          22m

$ kubectl logs pod/gitea-6b7b9c8f79-4kv6t | head -n 30
/etc/ssh/sshd_config line 8: Missing MaxStartups spec.
/etc/ssh/sshd_config line 8: Missing MaxStartups spec.
/etc/ssh/sshd_config line 8: Missing MaxStartups spec.
2021/06/01 17:58:01 cmd/web.go:81:runWeb() [I] Starting Gitea on PID: 16
2021/06/01 17:58:01 ...dules/setting/git.go:101:newGit() [I] Git Version: 2.30.2, Wire Protocol Version 2 Enabled
2021/06/01 17:58:01 cmd/web.go:125:runWeb() [I] Global init
2021/06/01 17:58:01 ...dules/setting/git.go:101:newGit() [I] Git Version: 2.30.2, Wire Protocol Version 2 Enabled
2021/06/01 17:58:01 routers/init.go:134:GlobalInit() [T] AppPath: /app/gitea/gitea
2021/06/01 17:58:01 routers/init.go:135:GlobalInit() [T] AppWorkPath: /app/gitea
2021/06/01 17:58:01 routers/init.go:136:GlobalInit() [T] Custom path: /data/gitea
2021/06/01 17:58:01 routers/init.go:137:GlobalInit() [T] Log path: /data/gitea/log
2021/06/01 17:58:01 routers/init.go:49:checkRunMode() [I] Run Mode: Prod
/etc/ssh/sshd_config line 8: Missing MaxStartups spec.
/etc/ssh/sshd_config line 8: Missing MaxStartups spec.

I executed a shell within the container and looked at the sshd_config, and it has empty values for MaxStartups and MaxSessions as the log indicated:

$ kubectl exec --stdin --tty gitea-6b7b9c8f79-4kv6t -- /bin/bash
bash-5.1# cat /etc/ssh/sshd_config | head -n 12
Port 22
Protocol 2

AddressFamily any
ListenAddress 0.0.0.0
ListenAddress ::

MaxStartups
MaxSessions

LogLevel INFO

Went looking through recent changes to the gitea code here on github and found this commit from 14 hours ago where MaxStartups ${SSH_MAX_STARTUPS} and MaxSessions ${SSH_MAX_SESSIONS} were just added to the sshd_config in the following commit:

5de01e2

I didn't investigate any further, but the environment variables of SSH_MAX_STARTUPS and SSH_MAX_SESSIONS appear to not have defaults preset and sshd_config values ultimately come up empty.

Thanks.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions